Secure Configuration Review and System Hardening
A detailed review and verification of configuration settings of IT infrastructure components including systems, network devices & applications to measure the security effectiveness of the IT environment.
What is Secure Configuration Assessment?
Secure configuration refers to a detailed review and verification of configuration settings of computers, network devices and applications to measure the security effectiveness of the environment.
Why is Secure Configuration important?
Manufactures often set the default configurations of new software and devices to be open eg a predefined password for a router or preinstalled application for an operating system.
Attackers are constantly looking for such default settings that are easily vulnerable. Once they gain access, they start making changes
What IT components are covered as part of the Configuration Assessment?
- Operating Systems (Windows Server and Desktops, Unix-based Servers)
- Internal Systems (File servers, Share-point, Anti-virus Servers, DLP, Certificate servers, SIEM components, Log Servers, Print Servers, SMS gateways, VoIP servers, SAN, NAS, Middle-ware, PIM, Password management systems, Backup servers, CCTV and surveillance systems, Building Management systems, Virtualization servers, etc.)
- Perimeter Security Devices (Firewalls, IPS, IDS, UTM, Gateway Antivirus, Secure Mail Gateway, VPN setup, Firewall Management systems etc)
- Web servers (IIS, Web Sphere, Apache, Tomcat, etc)
- Network Devices (Routers, Switches, WLAN's, WAP's, etc)
- Database Servers (Mongo DB, MS-SQL Server, MySQL, PostgreSQL, Sybase, Oracle, IBM DB2, etc)
Our Approach
Step 1
Interviewing key IT Infrastructure Teams
Step 2
Data Gathering (Current Configuration and Deployment Settings using authenticated scans or manual data gathering)
Step 3
Data Analysis (Reviewing Configuration Settings)
Step 4
Identification and rating of configuration weaknesses
Step 5
Analysis & Reporting
Step 6
Revalidation
Expected Deliverables
Executive Summary
Vulnerability Risk Level
Vulnerability Description
Evidence of their Exploitability
Practical Recommendations
Why Work with Us?
- We have reviewed more than 1000+ IT components globally.
- We conduct the reviews with and without credentials.
- Our exhaustive reports come with practical action items that are achievable.
- Our in-house developed configuration review scripts and manual checklists for COTS applications/systems are top notch.
- We bring all our experience and expertise garnered by serving some of the global organizations across industry verticals.
- The assessment is carried out by an experienced team with well-known global certifications
Our Internationally-Recognized Certifications
![[AVASURE Technologies][66]comptia-security-certification-logo](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVASURE-Technologies66comptia-security-certification-logo-e1588588889721.png){kind=logo}
![[AVASURE Technologies][312]cisa-certifications](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVASURE-Technologies312cisa-certifications-e1588588637566.png)
![[AVASURE Technologies][337]cpte-pen-testing-engineer-certification](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVASURE-Technologies337cpte-pen-testing-engineer-certification-e1588588692451.png)
![[AVASURE Technologies][918]comptia-pentest-certification](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVASURE-Technologies918comptia-pentest-certification-e1588588680461.png)
![AVASURE Technologies][63]certified-ethical-hacker-certification](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVASURE-Technologies63certified-ethical-hacker-certification-e1588588666155.png)
![[AVAURE Technologies][8]licensed-penetration-tester-certification](https://avasuretechnologies.com/wp-content/uploads/2020/04/AVAURE-Technologies8licensed-penetration-tester-certification.png)
Let's Secure Your Organization Together!
info@avasuretechnologies.com
Phone
+91-8169729716
Address
4-Chandra Jyoti, Bhimani Street,
Matunga, Mumbai - 400019.
Get in touch!
Business Hours: 9am – 6pm, Mon – Fri.
